﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using org.project.web.utils;
using System.Configuration;
using System.Data;
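/// <summary>
/// Code-behind for the login validation page. Checks the credentials sent in
/// the "User" and "Password" cookies against the Member table and, on success,
/// stores the member's identity in the session.
/// </summary>
public partial class validateUser : System.Web.UI.Page
{
    /// <summary>
    /// Validates the credentials carried by the request cookies and
    /// establishes the logged-in session, or redirects to loginErr.aspx.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        // A request without either cookie used to fail with a NullReferenceException;
        // treat it as a failed login instead.
        HttpCookie userCookie = Request.Cookies["User"];
        HttpCookie passwordCookie = Request.Cookies["Password"];
        if (userCookie == null || passwordCookie == null)
        {
            Response.Redirect("loginErr.aspx");
            return;
        }

        // NOTE(review): the password travels in a cookie and is compared directly
        // against MPassword, so the column presumably holds the value exactly as the
        // client sends it. Prefer a form POST over TLS and a salted password hash
        // (e.g. PBKDF2) verified server-side; that needs a schema change outside this page.
        String user = userCookie.Value ?? String.Empty;
        String password = passwordCookie.Value ?? String.Empty;

        // Cookie values are client-controlled, so they are bound as parameters and
        // never concatenated into the SQL text.
        const String sql = "Select * from Member Where MAccount = @MAccount AND MPassword = @MPassword";
        String connectionString = ConfigurationManager.ConnectionStrings["projectConnectionString"].ConnectionString;

        // NOTE(review): SqlClient is assumed because the helper this replaces was named
        // UseSqlDataAdapterExecuteCommand; if SQLUtility offers a parameterized overload,
        // call that instead. The query now runs once rather than twice.
        DataSet dataSet = new DataSet();
        using (System.Data.SqlClient.SqlConnection connection = new System.Data.SqlClient.SqlConnection(connectionString))
        using (System.Data.SqlClient.SqlCommand command = new System.Data.SqlClient.SqlCommand(sql, connection))
        using (System.Data.SqlClient.SqlDataAdapter adapter = new System.Data.SqlClient.SqlDataAdapter(command))
        {
            command.Parameters.AddWithValue("@MAccount", user);
            command.Parameters.AddWithValue("@MPassword", password);
            adapter.Fill(dataSet); // Fill opens and closes the connection itself.
        }

        if (dataSet.Tables.Count == 0 || dataSet.Tables[0].Rows.Count < 1)
        {
            Response.Redirect("loginErr.aspx");
            return;
        }

        // NOTE(review): the query selects every column, MPassword included. If
        // MemberGridView auto-generates its columns, the password is rendered into
        // the page - confirm in the .aspx markup and hide or drop that column.
        MemberGridView.DataSource = dataSet;
        MemberGridView.DataBind();

        // Values are read back from the bound grid, as before, by column position.
        // NOTE(review): lbLoginMsg.Text is not HTML-encoded by the Label control, so the
        // greeting relies on the grid's fields encoding their text - confirm.
        GridViewRow memberRow = MemberGridView.Rows[0];
        String id = memberRow.Cells[0].Text;
        String MAccount = memberRow.Cells[1].Text;
        String MName = memberRow.Cells[4].Text;

        // NOTE(review): the identity is written into the session that already exists;
        // no new session id is issued at login. Consider regenerating it here.
        Session["MId"] = id;
        Session["MAccount"] = MAccount;
        Session["User"] = MName;
        Session["LoginTime"] = DateTime.Now;

        // Session expires after 30 minutes.
        Session.Timeout = 30;

        lbLoginMsg.Text = "歡迎 " + MName + " 登入購物系統";
    }

    /// <summary>
    /// Selects the master page: the default one when no member id is stored in
    /// the session, the logged-in one otherwise.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_PreInit(object sender, EventArgs e)
    {
        if (Session["MId"] == null)
        {
            // No member id in the session: visitor is not logged in.
            this.Page.MasterPageFile = "~/MasterPage.master";
        }
        else
        {
            // Member id present: Page_Load has accepted a login in this session.
            this.Page.MasterPageFile = "~/LoginedMasterPage.master";
        }
    }
}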